Skip to content

Fix SslHandler in Netty client #1184

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Apr 3, 2019
Merged

Fix SslHandler in Netty client #1184

merged 1 commit into from
Apr 3, 2019

Conversation

zoewangg
Copy link
Contributor

@zoewangg zoewangg commented Apr 2, 2019
edited
Loading

Description

Fix a bug where SNI was not enabled in Netty NIO Async Client for TLS and caused the requests to fail of handshake_failure in some services.

Motivation and Context

See #1171

Testing

Added integ tests.
Running the whole integ tests suites now. All integ tests passed

Screenshots (if appropriate)

Types of changes

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)

Checklist

  • I have read the CONTRIBUTING document
  • Local run of mvn install succeeds
  • My code follows the code style of this project
  • My change requires a change to the Javadoc documentation
  • I have updated the Javadoc documentation accordingly
  • I have read the README document
  • I have added tests to cover my changes
  • All new and existing tests passed
  • A short description of the change has been added to the CHANGELOG
  • My change is to implement 1.11 parity feature and I have updated LaunchChangelog

License

  • I confirm that this pull request can be released under the Apache 2 license

@zoewangg zoewangg mentioned this pull request Apr 2, 2019
Closed
@codecov-io
Copy link

codecov-io commented Apr 2, 2019
edited
Loading

Codecov Report

Merging #1184 into master will decrease coverage by <.01%.
The diff coverage is 100%.

Impacted file tree graph

@@             Coverage Diff              @@
##             master    #1184      +/-   ##
============================================
- Coverage     58.98%   58.98%   -0.01%     
- Complexity     4594     4595       +1     
============================================
  Files           744      744              
  Lines         23020    23027       +7     
  Branches       1721     1721              
============================================
+ Hits          13579    13583       +4     
- Misses         8755     8756       +1     
- Partials        686      688       +2
Impacted Files Coverage Δ Complexity Δ
...nio/netty/internal/ChannelPipelineInitializer.java 73.8% <100%> (+5.23%) 7 <2> (+1) ⬆️
...awssdk/http/nio/netty/NettyNioAsyncHttpClient.java 66.44% <100%> (ø) 22 <0> (ø) ⬇️
...nio/netty/internal/OldConnectionReaperHandler.java 81.81% <0%> (-9.1%) 12% <0%> (-1%)
...on/awssdk/services/kinesis/KinesisRetryPolicy.java 85.71% <0%> (ø) 3% <0%> (+1%) ⬆️

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update c68a6de...b09720e. Read the comment docs.

dagnir
dagnir approved these changes Apr 3, 2019
View reviewed changes
Copy link
Contributor

@dagnir dagnir left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

...src/main/java/software/amazon/awssdk/http/nio/netty/internal/ChannelPipelineInitializer.java Outdated

public ChannelPipelineInitializer(Protocol protocol,
SslContext sslCtx,
long clientMaxStreams,
AtomicReference<ChannelPool> channelPoolRef,
NettyConfiguration configuration) {
NettyConfiguration configuration,
URI key) {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: poolKey might be a little more descriptive

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

yup, updated

services/pinpoint/src/it/java/software/amazon/awssdk/services/pinpoint/PinpointIntegTest.java Outdated

CreateAppResponse response = pinpointAsyncClient.createApp(b -> b.createApplicationRequest(r -> r.name(APP_NAME))).join();

appId = response.applicationResponse().id();
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is it necessary to create an app? Would doing a list operation be sufficient (to avoid creating any resources)?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nope, updated to use getApps instead

@zoewangg zoewangg force-pushed the zoewang-pinpointAsync branch from 99cd0d4 to b09720e Compare April 3, 2019 03:22
spfink
spfink approved these changes Apr 3, 2019
View reviewed changes
...src/main/java/software/amazon/awssdk/http/nio/netty/internal/ChannelPipelineInitializer.java Outdated

public ChannelPipelineInitializer(Protocol protocol,
SslContext sslCtx,
long clientMaxStreams,
AtomicReference<ChannelPool> channelPoolRef,
NettyConfiguration configuration) {
NettyConfiguration configuration,
URI poorKey) {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

poorKey -> poolKey?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Oops. Good catch! Fixed.

...src/main/java/software/amazon/awssdk/http/nio/netty/internal/ChannelPipelineInitializer.java
*/
private void configureSslEngine(SSLEngine sslEngine) {
SSLParameters sslParameters = sslEngine.getSSLParameters();
sslParameters.setEndpointIdentificationAlgorithm("HTTPS");
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

How in the world is this not the default...

@zoewangg
Fix a bug where SNI was not enabled in Netty NIO Async Client and cau…
92fcb55 
…sed the requests to fail of handshake_failure in some services.
@zoewangg zoewangg force-pushed the zoewang-pinpointAsync branch from b09720e to 92fcb55 Compare April 3, 2019 17:14
@zoewangg zoewangg merged commit a1dfe19 into master Apr 3, 2019
@zoewangg zoewangg deleted the zoewang-pinpointAsync branch April 3, 2019 17:40
aws-sdk-java-automation pushed a commit that referenced this pull request Feb 5, 2021
@Quanzzzz
Merge pull request #1184 from Quanzzzz/release
a5e89b3 
Recover the correct model for ec2.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dagnir dagnir dagnir approved these changes

@spfink spfink spfink approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@zoewangg @codecov-io @dagnir @spfink